shopify_app 8.2.6 → 8.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d2646af06c48a37cfbb95b06b993a766bb71ee40
-  data.tar.gz: b5180bafe5d1a2dff0b504cc88d88dd2591b4ab9
+  metadata.gz: 67993e953b33ffe850f9db651c7ecc411d5933b2
+  data.tar.gz: ca5981beba2ea540681d77363dc1ae6c4bd009de
 SHA512:
-  metadata.gz: f316a0447cb5bdcc47be2186183104b42767232e11eb3538b576479567fc930dfb24e17d911a1d1c6b5b5d56c6ffabf5e0b8891946b1f0b2506eefb0373dbf51
-  data.tar.gz: 10bfeabacdee5645f6d1ee04177aeefb893ec25a7ea505f564a2ed04f28abdb03e81d8796e9a5859505a8bf1458e43a4154f47d371a27b1da148cb3823925b2a
+  metadata.gz: 7665bf0987e8738cbeb9d8c0e92fa3e3d2055ffe60c80d6b50795d7f2db83e18d7df4fb89da81fc6226cacfc6fbb7fe0059d34a36071d5e90f259cb870004444
+  data.tar.gz: 353060a370d4ba42c86ebc95b0d09f1ee32d3eb106db177df4dec3f2580e0acb30fef419715db35b3a023337d2dd7874718a2e3277ea0729fbb52676394ba72e

data/.gitignore

@@ -9,3 +9,5 @@ doc/
 *.sqlite3
 test/tmp/*
 .idea
+# ignore sprockets cache
+/test/dummy/tmp/*

data/.rubocop.yml

@@ -0,0 +1,7 @@
+LineLength:
+  Exclude:
+    - test/**/*
+
+Metrics/ClassLength:
+  Exclude:
+    - test/**/*

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+8.3.0
+----
+* Fix embedded app session management in Safari 12
+* Add support for translation platform
+
 8.2.6
 ----
 * Sanitize the shop query param to include `.myshopify.com` if no domain was provided 

data/README.md

@@ -143,7 +143,7 @@ After running the `install` generator, you can start your app with `bundle exec
 $ rails generate shopify_app:shop_model
 ```
 
-The install generator doesn't create any database tables or models for you. If you are starting a new app its quite likely that you will want a shops table and model to store the tokens when your app is installed (most of our internally developed apps do!). This generator creates a shop model and a migration. This model includes the `ShopifyApp::SessionStorage` concern which adds two methods to make it compatible as a `SessionRepository`. After running this generator you'll notice the `session_repository` in your `config/initializers/shopify_app.rb` will be set to the `Shop` model. This means that internally ShopifyApp will try and load tokens from this model.
+The `install` generator doesn't create any database tables or models for you. If you are starting a new app its quite likely that you will want a shops table and model to store the tokens when your app is installed (most of our internally developed apps do!). This generator creates a shop model and a migration. This model includes the `ShopifyApp::SessionStorage` concern which adds two methods to make it compatible as a `SessionRepository`. After running this generator you'll notice the `session_repository` in your `config/initializers/shopify_app.rb` will be set to the `Shop` model. This means that internally ShopifyApp will try and load tokens from this model.
 
 *Note that you will need to run rake db:migrate after this generator*
 
@@ -413,8 +413,6 @@ Tunneling is also useful for working the the embedded app sdk to solve mixed con
 
 Questions or problems?
 ----------------------
-http://api.shopify.com <= Read up on the possible API calls!
 
-http://ecommerce.shopify.com/c/shopify-apis-and-technology <= Ask questions!
-
-http://docs.shopify.com/api/the-basics/getting-started <= Read the docs!
+- [Ask questions!](https://ecommerce.shopify.com/c/shopify-apis-and-technology)
+- [Read the docs!](https://help.shopify.com/api/guides)

data/app/assets/javascripts/shopify_app/itp_polyfill.js

@@ -0,0 +1,30 @@
+(function() {
+  function setCookieAndRedirect() {
+    document.cookie = "shopify.cookies_persist=true";
+    window.location.href = window.shopOrigin + "/admin/apps/" + window.apiKey;
+  }
+
+  function shouldDisplayPrompt() {
+    if (navigator.userAgent.indexOf('com.jadedpixel.pos') !== -1) {
+      return false;
+    }
+
+    if (navigator.userAgent.indexOf('Shopify Mobile/iOS') !== -1) {
+      return false;
+    }
+
+    return Boolean(document.hasStorageAccess);
+  }
+
+  document.addEventListener("DOMContentLoaded", function() {
+    if (shouldDisplayPrompt()) {
+      var itpContent = document.querySelector('#CookiePartitionPrompt');
+      itpContent.style.display = 'block';
+
+      var button = document.querySelector('#AcceptCookies');
+      button.addEventListener('click', setCookieAndRedirect);
+    } else {
+      setCookieAndRedirect();
+    }
+  });
+})();

data/app/assets/javascripts/shopify_app/redirect.js

@@ -1,19 +1,33 @@
-document.addEventListener("DOMContentLoaded", function() {
-  var redirectTargetElement = document.getElementById("redirection-target");
-  var targetInfo = JSON.parse(redirectTargetElement.dataset.target)
+(function() {
+  function redirect() {
+    var redirectTargetElement = document.getElementById("redirection-target");
 
-  if (window.top == window.self) {
-    // If the current window is the 'parent', change the URL by setting location.href
-    window.top.location.href = targetInfo.url;
-  } else {
-    // If the current window is the 'child', change the parent's URL with postMessage
-    normalizedLink = document.createElement('a');
-    normalizedLink.href = targetInfo.url;
+    if (!redirectTargetElement) {
+      return;
+    }
 
-    data = JSON.stringify({
-      message: 'Shopify.API.remoteRedirect',
-      data: { location: normalizedLink.href }
-    });
-    window.parent.postMessage(data, targetInfo.myshopifyUrl);
+    var targetInfo = JSON.parse(redirectTargetElement.dataset.target)
+
+    if (window.top == window.self) {
+      // If the current window is the 'parent', change the URL by setting location.href
+      window.top.location.href = targetInfo.url;
+    } else {
+      // If the current window is the 'child', change the parent's URL with postMessage
+      normalizedLink = document.createElement('a');
+      normalizedLink.href = targetInfo.url;
+
+      data = JSON.stringify({
+        message: 'Shopify.API.remoteRedirect',
+        data: {location: normalizedLink.href}
+      });
+      window.parent.postMessage(data, targetInfo.myshopifyUrl);
+    }
   }
-});
+
+  document.addEventListener("DOMContentLoaded", redirect);
+
+  // In the turbolinks context, neither DOMContentLoaded nor turbolinks:load
+  // consistently fires. This ensures that we at least attempt to fire in the
+  // turbolinks situation as well.
+  redirect();
+})();

data/app/controllers/shopify_app/sessions_controller.rb

@@ -14,6 +14,11 @@ module ShopifyApp
       authenticate
     end
 
+    def enable_cookies
+      @shop = sanitized_shop_name
+      render_invalid_shop_error unless @shop
+    end
+
     def callback
       if auth_hash
         login_shop
@@ -37,15 +42,47 @@ module ShopifyApp
     private
 
     def authenticate
-      if sanitized_shop_name.present?
-        session['shopify.omniauth_params'] = { shop: sanitized_shop_name }
-        fullpage_redirect_to "#{main_app.root_path}auth/shopify"
+      return render_invalid_shop_error unless sanitized_shop_name.present?
+      session['shopify.omniauth_params'] = { shop: sanitized_shop_name }
+
+      if redirect_for_cookie_access?
+        fullpage_redirect_to enable_cookies_path(shop: sanitized_shop_name)
+      elsif authenticate_in_context?
+        authenticate_in_context
       else
-        flash[:error] = I18n.t('invalid_shop_url')
-        redirect_to return_address
+        authenticate_at_top_level
       end
     end
 
+    def render_invalid_shop_error
+      flash[:error] = I18n.t('invalid_shop_url')
+      redirect_to return_address
+    end
+
+    def authenticate_in_context
+      clear_top_level_oauth_cookie
+      redirect_to "#{main_app.root_path}auth/shopify"
+    end
+
+    def authenticate_at_top_level
+      set_top_level_oauth_cookie
+      fullpage_redirect_to login_url(top_level: true)
+    end
+
+    def authenticate_in_context?
+      return true unless ShopifyApp.configuration.embedded_app?
+      return true if params[:top_level]
+      session['shopify.top_level_oauth']
+    end
+
+    def redirect_for_cookie_access?
+      return false unless ShopifyApp.configuration.embedded_app?
+      return false if params[:top_level]
+      return false if session['shopify.cookies_persist']
+
+      true
+    end
+
     def login_shop
       sess = ShopifyAPI::Session.new(shop_name, token)
 

data/app/views/shopify_app/sessions/enable_cookies.html.erb

@@ -0,0 +1,386 @@
+<!DOCTYPE html>
+<html lang="<%= I18n.locale %>">
+<head>
+  <meta charset="utf-8" />
+  <style>
+    html,
+    body {
+      min-height:100%;
+      height:100%; 
+      font-size:1.5rem;
+      font-weight:400;
+      line-height:2rem;
+      text-transform:initial;
+      letter-spacing:initial;
+      font-weight:400;
+      color:#212b36;
+      font-family:-apple-system, BlinkMacSystemFont, San Francisco, Roboto, Segoe UI, Helvetica Neue, sans-serif;
+    }
+
+    @media (min-width: 40em) {
+      html,
+      body {
+        font-size:1.4rem;
+      }
+    }
+
+    html {
+      position:relative;
+      font-size:62.5%;
+      -webkit-font-smoothing:antialiased;
+      -moz-osx-font-smoothing:grayscale;
+      -webkit-text-size-adjust:100%;
+      -ms-text-size-adjust:100%;
+      text-size-adjust:100%;
+      text-rendering:optimizeLegibility;
+    }
+
+    body {
+      min-height:100%;
+      margin:0;
+      padding:0;
+      background-color:#f4f6f8;
+    }
+
+    *,
+    *::before,
+    *::after{
+      box-sizing:border-box; }
+
+    h1,
+    h2,
+    h3,
+    h4,
+    h5,
+    h6,
+    p {
+      margin:0;
+      font-size:1em;
+      font-weight:400;
+    }
+
+    #CookiePartitionPrompt {
+      display: none;
+    }
+
+    .Polaris-Page {
+      margin:0 auto;
+      padding:0;
+      max-width:99.8rem; 
+    }
+
+    @media (min-width: 30.625em) {
+      .Polaris-Page {
+        padding:0 2rem;
+      }
+    }
+    @media (min-width: 46.5em) {
+      .Polaris-Page {
+        padding:0 3.2rem;
+      }
+    }
+
+    .Polaris-Page__Content {
+      margin:2rem 0;
+    }
+
+    @media (min-width: 46.5em) {
+      .Polaris-Page__Content {
+        margin-top:2rem;
+      }
+    }
+
+    @media (min-width: 46.5em) {
+      .Polaris-Page {
+        display: flex;
+        justify-content: center;
+        align-items: center;
+        height: 100vh;
+      }
+    }
+
+    .Polaris-Layout {
+      display:-webkit-box;
+      display:-ms-flexbox;
+      display:flex;
+      -ms-flex-wrap:wrap;
+      flex-wrap:wrap;
+      -webkit-box-pack:center;
+      -ms-flex-pack:center;
+      justify-content:center;
+      -webkit-box-align:start;
+      -ms-flex-align:start;
+      align-items:flex-start;
+      margin-top:-2rem;
+      margin-left:-2rem;
+    }
+
+    .Polaris-Layout__Section {
+      -webkit-box-flex:2;
+      -ms-flex:2 2 48rem;
+      flex:2 2 48rem;
+      min-width:51%;
+    }
+
+    .Polaris-Layout__Section--fullWidth {
+      -webkit-box-flex:1;
+      -ms-flex:1 1 100%;
+      flex:1 1 100%;
+    }
+
+    .Polaris-Layout__Section {
+      max-width:calc(100% - 2rem);
+      margin-top:2rem;
+      margin-left:2rem;
+    }
+
+    .Polaris-Stack {
+      margin-top:-1.6rem;
+      margin-left:-1.6rem;
+      display:-webkit-box;
+      display:-ms-flexbox;
+      display:flex;
+      -ms-flex-wrap:wrap;
+      flex-wrap:wrap;
+      -webkit-box-align:stretch;
+      -ms-flex-align:stretch;
+      align-items:stretch;
+    }
+
+    .Polaris-Stack > .Polaris-Stack__Item {
+      margin-top:1.6rem;
+      margin-left:1.6rem;
+      max-width:calc(100% - 1.6rem);
+    }
+
+    .Polaris-Stack__Item {
+      -webkit-box-flex:0;
+      -ms-flex:0 0 auto;
+      flex:0 0 auto;
+      min-width:0;
+    }
+
+    .Polaris-Heading {
+      font-size:1.7rem;
+      font-weight:600;
+      line-height:2.4rem;
+      margin:0;
+    }
+
+    @media (min-width: 40em) {
+      .Polaris-Heading {
+        font-size:1.6rem;
+      }
+    }
+
+    .Polaris-Card {
+      overflow:hidden;
+      background-color:white;
+      box-shadow:0 0 0 1px rgba(63, 63, 68, 0.05), 0 1px 3px 0 rgba(63, 63, 68, 0.15);
+    }
+
+    .Polaris-Card + .Polaris-Card {
+      margin-top:2rem;
+    }
+
+    @media (min-width: 30.625em) {
+      .Polaris-Card {
+        border-radius:3px;
+      }
+    }
+
+    .Polaris-Card__Header {
+      padding:2rem 2rem 0;
+    }
+
+    .Polaris-Card__Section {
+      padding:2rem;
+    }
+
+    .Polaris-Card__Section + .Polaris-Card__Section {
+      border-top:1px solid #dfe3e8;
+    }
+
+    .Polaris-Card__Section--subdued {
+      background-color:#f9fafb;
+    }
+
+
+    .Polaris-Stack--distributionTrailing {
+      -webkit-box-pack:end;
+      -ms-flex-pack:end;
+      justify-content:flex-end;
+    }
+
+    .Polaris-Stack--vertical {
+      -webkit-box-orient:vertical;
+      -webkit-box-direction:normal;
+      -ms-flex-direction:column;
+      flex-direction:column;
+    }
+
+    .Polaris-Button {
+      fill:#637381;
+      position:relative;
+      display:-webkit-inline-box;
+      display:-ms-inline-flexbox;
+      display:inline-flex;
+      -webkit-box-align:center;
+      -ms-flex-align:center;
+      align-items:center;
+      -webkit-box-pack:center;
+      -ms-flex-pack:center;
+      justify-content:center;
+      min-height:3.6rem;
+      min-width:3.6rem;
+      margin:0;
+      padding:0.7rem 1.6rem;
+      background:linear-gradient(to bottom, white, #f9fafb);
+      border:1px solid #c4cdd5;
+      box-shadow:0 1px 0 0 rgba(22, 29, 37, 0.05);
+      border-radius:3px;
+      line-height:1;
+      color:#212b36;
+      text-align:center;
+      cursor:pointer;
+      -webkit-user-select:none;
+      -moz-user-select:none;
+      -ms-user-select:none;
+      user-select:none;
+      text-decoration:none;
+      transition-property:background, border, box-shadow;
+      transition-duration:200ms;
+      transition-timing-function:cubic-bezier(0.64, 0, 0.35, 1);
+    }
+
+    .Polaris-Button:hover {
+      background:linear-gradient(to bottom, #f9fafb, #f4f6f8);
+      border-color:#c4cdd5;
+    }
+
+    .Polaris-Button:focus {
+      border-color:#5c6ac4;
+      outline:0;
+      box-shadow:0 0 0 1px #5c6ac4;
+    }
+
+    .Polaris-Button:active {
+      background:linear-gradient(to bottom, #f4f6f8, #f4f6f8);
+      border-color:#c4cdd5;
+      box-shadow:0 0 0 0 transparent, inset 0 1px 1px 0 rgba(99, 115, 129, 0.1), inset 0 1px 4px 0 rgba(99, 115, 129, 0.2);
+    }
+
+    .Polaris-Button.Polaris-Button--disabled {
+      fill:#919eab;
+      transition:none;
+      background:linear-gradient(to bottom, #f4f6f8, #f4f6f8);
+      color:#919eab;
+    }
+
+    .Polaris-Button__Content {
+      font-size:1.5rem;
+      font-weight:400;
+      line-height:1.6rem;
+      text-transform:initial;
+      letter-spacing:initial;
+      position:relative;
+      display:-webkit-box;
+      display:-ms-flexbox;
+      display:flex;
+      -webkit-box-pack:center;
+      -ms-flex-pack:center;
+      justify-content:center;
+      -webkit-box-align:center;
+      -ms-flex-align:center;
+      align-items:center;
+      min-width:1px;
+      min-height:1px;
+    }
+      
+    @media (min-width: 40em) {
+      .Polaris-Button__Content {
+        font-size:1.4rem;
+      } 
+    }
+
+    .Polaris-Button--primary {
+      background:linear-gradient(to bottom, #6371c7, #5563c1);
+      border-color:#3f4eae;
+      box-shadow:inset 0 1px 0 0 #6774c8, 0 1px 0 0 rgba(22, 29, 37, 0.05), 0 0 0 0 transparent;
+      color:white;
+      fill:white;
+    }
+
+    .Polaris-Button--primary:hover {
+      background:linear-gradient(to bottom, #5c6ac4, #4959bd);
+      border-color:#3f4eae;
+      color:white;
+      text-decoration:none;
+    }
+
+    .Polaris-Button--primary:focus {
+      border-color:#202e78;
+      box-shadow:inset 0 1px 0 0 #6f7bcb, 0 1px 0 0 rgba(22, 29, 37, 0.05), 0 0 0 1px #202e78;
+    }
+
+    .Polaris-Button--primary:active {
+      background:linear-gradient(to bottom, #3f4eae, #3f4eae);
+      border-color:#38469b;
+      box-shadow:inset 0 0 0 0 transparent, 0 1px 0 0 rgba(22, 29, 37, 0.05), 0 0 1px 0 #38469b;
+    }
+
+    .Polaris-Button--primary.Polaris-Button--disabled {
+      fill:white;
+      background:linear-gradient(to bottom, #bac0e6, #bac0e6);
+      border-color:#a7aedf;
+      box-shadow:none;
+      color:white;
+    }
+  </style>
+  <base target="_top">
+  <title>Redirecting…</title>
+
+  <script>
+    window.apiKey = "<%= ShopifyApp.configuration.api_key %>";
+    window.shopOrigin = "https://<%= @shop %>";
+  </script>
+
+  <%= javascript_include_tag('shopify_app/itp_polyfill', crossorigin: 'anonymous', integrity: true) %>
+</head>
+<body>
+  <main id="CookiePartitionPrompt">
+    <div class="Polaris-Page">
+      <div class="Polaris-Page__Content">
+        <div class="Polaris-Layout">
+          <div class="Polaris-Layout__Section">
+            <div class="Polaris-Stack Polaris-Stack--vertical">
+              <div class="Polaris-Stack__Item">
+                <div class="Polaris-Card">
+                  <div class="Polaris-Card__Header">
+                    <h1 class="Polaris-Heading"><%= I18n.t('enable_cookies_heading', app: ShopifyApp.configuration.application_name) %></h1>
+                  </div>
+                  <div class="Polaris-Card__Section">
+                    <p><%= I18n.t('enable_cookies_body', app: ShopifyApp.configuration.application_name) %></p>
+                  </div>
+                  <div class="Polaris-Card__Section Polaris-Card__Section--subdued">
+                    <p><%= I18n.t('enable_cookies_footer') %></p>
+                  </div>
+                </div>
+              </div>
+              <div class="Polaris-Stack__Item">
+                <div class="Polaris-Stack Polaris-Stack--distributionTrailing">
+                  <div class="Polaris-Stack__Item">
+                    <button type="button" class="Polaris-Button Polaris-Button--primary" id="AcceptCookies">
+                      <span class="Polaris-Button__Content"><span><%= I18n.t('enable_cookies_action') %></span></span>
+                    </button>
+                  </div>
+                </div>
+              </div>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  </main>
+</body>
+</html>

data/config/locales/en.yml

@@ -2,3 +2,7 @@ en:
   logged_out: 'Successfully logged out'
   could_not_log_in: 'Could not log in to Shopify store'
   invalid_shop_url: 'Invalid shop domain'
+  enable_cookies_heading: "Enable cookies from %{app}"
+  enable_cookies_body: "You must manually enable cookies in this browser in order to use %{app} within Shopify."
+  enable_cookies_footer: 'Cookies let the app authenticate you by temporarily storing your preferences and personal information. They expire after 30 days.'
+  enable_cookies_action: 'Enable cookies'

data/config/routes.rb

@@ -2,6 +2,7 @@ ShopifyApp::Engine.routes.draw do
   controller :sessions do
     get 'login' => :new, :as => :login
     post 'login' => :create, :as => :authenticate
+    get 'enable_cookies' => :enable_cookies, :as => :enable_cookies
     get 'auth/shopify/callback' => :callback
     get 'logout' => :destroy, :as => :logout
   end

data/lib/generators/shopify_app/install/templates/_flash_messages.html.erb

@@ -5,11 +5,11 @@
   if (!document.documentElement.hasAttribute("data-turbolinks-preview")) {
     document.addEventListener(eventName, function flash() {
       <% if flash[:notice] %>
-        ShopifyApp.flashNotice("<%= j flash[:notice].html_safe %>");
+        ShopifyApp.flashNotice(<%== flash[:notice].to_json %>);
       <% end %>
 
       <% if flash[:error] %>
-        ShopifyApp.flashError("<%= j flash[:error].html_safe %>");
+        ShopifyApp.flashError(<%== flash[:error].to_json %>);
       <% end %>
                              
       document.removeEventListener(eventName, flash)

data/lib/shopify_app/controller_concerns/login_protection.rb

@@ -5,19 +5,19 @@ module ShopifyApp
     class ShopifyDomainNotFound < StandardError; end
 
     included do
+      after_action :set_test_cookie
       rescue_from ActiveResource::UnauthorizedAccess, :with => :close_session
     end
 
     def shopify_session
-      if shop_session
-        begin
-          ShopifyAPI::Base.activate_session(shop_session)
-          yield
-        ensure
-          ShopifyAPI::Base.clear_session
-        end
-      else
-        redirect_to_login
+      return redirect_to_login unless shop_session
+      clear_top_level_oauth_cookie
+
+      begin
+        ShopifyAPI::Base.activate_session(shop_session)
+        yield
+      ensure
+        ShopifyAPI::Base.clear_session
       end
     end
 
@@ -28,8 +28,7 @@ module ShopifyApp
 
     def login_again_if_different_shop
       if shop_session && params[:shop] && params[:shop].is_a?(String) && (shop_session.url != params[:shop])
-        session[:shopify] = nil
-        session[:shopify_domain] = nil
+        clear_shop_session
         redirect_to_login
       end
     end
@@ -48,25 +47,42 @@ module ShopifyApp
     end
 
     def close_session
+      clear_shop_session
+      redirect_to login_url
+    end
+
+    def clear_shop_session
       session[:shopify] = nil
       session[:shopify_domain] = nil
-      redirect_to login_url
+      session[:shopify_user] = nil
     end
 
-    def login_url
+    def login_url(top_level: false)
       url = ShopifyApp.configuration.login_url
 
-      if params[:shop].present?
-        query = { shop: sanitized_params[:shop] }.to_query
-        url = "#{url}?#{query}"
-      end
+      query_params = login_url_params(top_level: top_level)
 
+      url = "#{url}?#{query_params.to_query}" if query_params.present?
       url
     end
 
+    def login_url_params(top_level:)
+      query_params = {}
+      query_params[:shop] = sanitized_params[:shop] if params[:shop].present?
+
+      has_referer_shop_name = referer_sanitized_shop_name.present?
+
+      if has_referer_shop_name
+        query_params[:shop] ||= referer_sanitized_shop_name
+      end
+
+      query_params[:top_level] = true if top_level
+      query_params
+    end
+
     def fullpage_redirect_to(url)
       if ShopifyApp.configuration.embedded_app?
-        render 'shopify_app/shared/redirect', locals: { url: url, current_shopify_domain: current_shopify_domain }
+        render 'shopify_app/shared/redirect', layout: false, locals: { url: url, current_shopify_domain: current_shopify_domain }
       else
         redirect_to url
       end
@@ -83,6 +99,17 @@ module ShopifyApp
       @sanitized_shop_name ||= sanitize_shop_param(params)
     end
 
+    def referer_sanitized_shop_name
+      return unless request.referer.present?
+
+      @referer_sanitized_shop_name ||= begin
+        referer_uri = URI(request.referer)
+        query_params = Rack::Utils.parse_query(referer_uri.query)
+
+        sanitize_shop_param(query_params.with_indifferent_access)
+      end
+    end
+
     def sanitize_shop_param(params)
       return unless params[:shop].present?
       ShopifyApp::Utils.sanitize_shop_domain(params[:shop])
@@ -95,5 +122,18 @@ module ShopifyApp
         end
       end
     end
+
+    def set_test_cookie
+      return unless ShopifyApp.configuration.embedded_app?
+      session['shopify.cookies_persist'] = true
+    end
+
+    def clear_top_level_oauth_cookie
+      session.delete('shopify.top_level_oauth')
+    end
+
+    def set_top_level_oauth_cookie
+      session['shopify.top_level_oauth'] = true
+    end
   end
 end

data/lib/shopify_app/engine.rb

@@ -4,7 +4,10 @@ module ShopifyApp
     isolate_namespace ShopifyApp
 
     initializer "shopify_app.assets.precompile" do |app|
-      app.config.assets.precompile += %w( shopify_app/redirect.js )
+      app.config.assets.precompile += %w[
+        shopify_app/redirect.js
+        shopify_app/itp_polyfill.js
+      ]
     end
   end
 end

data/lib/shopify_app/version.rb

@@ -1,3 +1,3 @@
 module ShopifyApp
-  VERSION = '8.2.6'.freeze
+  VERSION = '8.3.0'.freeze
 end

data/translation.yml

@@ -0,0 +1,7 @@
+source_language: en
+target_languages: [de, es, fr, it, ja, pt-BR]
+components:
+  - name: 'merchant'
+    paths:
+      - config/locales/{{language}}.yml
+      - config/locales/**/{{language}}.yml

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shopify_app
 version: !ruby/object:Gem::Version
-  version: 8.2.6
+  version: 8.3.0
 platform: ruby
 authors:
 - Shopify
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-04-09 00:00:00.000000000 Z
+date: 2018-09-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -130,16 +130,19 @@ extra_rdoc_files: []
 files:
 - ".github/ISSUE_TEMPLATE.md"
 - ".gitignore"
+- ".rubocop.yml"
 - ".travis.yml"
 - CHANGELOG.md
 - Gemfile
 - LICENSE
 - README.md
 - Rakefile
+- app/assets/javascripts/shopify_app/itp_polyfill.js
 - app/assets/javascripts/shopify_app/redirect.js
 - app/controllers/shopify_app/authenticated_controller.rb
 - app/controllers/shopify_app/sessions_controller.rb
 - app/controllers/shopify_app/webhooks_controller.rb
+- app/views/shopify_app/sessions/enable_cookies.html.erb
 - app/views/shopify_app/sessions/new.html.erb
 - app/views/shopify_app/shared/redirect.html.erb
 - config/locales/de.yml
@@ -198,6 +201,7 @@ files:
 - lib/shopify_app/version.rb
 - shipit.rubygems.yml
 - shopify_app.gemspec
+- translation.yml
 homepage: 
 licenses: []
 metadata: {}